package com.hzya.frame.web.shiro.filter;

import com.hzya.frame.utils.help.RegexpHelper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.web.servlet.AdviceFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

public class SessionVaildFitler extends AdviceFilter {
	private String anonUrl = "";

	public String getAnonUrl() {
		return anonUrl;
	}

	public void setAnonUrl(String anonUrl) {
		this.anonUrl = anonUrl;
	}

	public boolean checkExcludeUrl(String requestUrl) {
		boolean flag = false;
		if ("".equals(anonUrl) || null == anonUrl) {
			flag = true;
		} else {
			String[] excludeUrlAry = anonUrl.split(",");
//			for (int i = 0; i < excludeUrlAry.length; i++) {
//			 	if (RegexpHelper.isGlobmatches(requestUrl, excludeUrlAry[i])) {
//					flag = true;
//					break;
//				}
//			}
		}
		return flag;
	}

	@Override
	protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
		HttpServletRequest httpServletRequest = (HttpServletRequest) request;
		if (checkExcludeUrl(httpServletRequest.getRequestURL().toString())) {
			return true;
		}
		if (!SecurityUtils.getSubject().isAuthenticated())
			throw new org.apache.shiro.session.InvalidSessionException();
		return true;
	}
}
